FIG. 1 illustrates a typical problem encountered in a resource security system employed by corporate entities and organizations today. Access to resources 10 are provided to users via a number of interactive devices 12, including computer terminals, workstations, computers which are coupled to a network 14 or in communication therewith via a modem. Resources 10 may include mainframe computers 16, operating systems 18, other networks 20, computer platforms 22, other resources 24 and databases 26. Each of these interactive devices and resources may employ its own security package 30 to ensure that only the users with the proper credentials may access it. Therefore, to provide a user access to five resources, for example, the resource administrators of the five resources must separately authorize clearance to the user by providing him/her with an identification number or character string and a password. Further, each resource security package must maintain an access database of all of its authorized user identifications and passwords.
As a result, a user's typical log on session would require the user to enter his/her user identifier(s) and password(s) several times to gain access to a number of different resources. Each resource is required to independently authenticate the user's identifier and password before entry is granted. If the user logs off a resource but later desires access to the same resource again during the same session, he/she must reenter the user identifier and password to regain entry.
When the user changes responsibility, function or status with the company, the respective resource administrators must be individually notified to update the access database of each resource. However, because the access databases may not be updated (by the individual resource administrators) to reflect the change in personnel, the integrity of the entire system may be compromised.